Skip to content

Unable to negotiate key exchange method when using post-quantum algorithms #174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ShiinYu opened this issue Mar 27, 2025 · 0 comments
Open

Unable to negotiate key exchange method when using post-quantum algorithms #174

ShiinYu opened this issue Mar 27, 2025 · 0 comments

Comments

@ShiinYu
Copy link

ShiinYu commented Mar 27, 2025

When attempting to establish an SSH connection using post-quantum algorithms (classic-mceliece-348864-sha256 for KEX and ssh-mldsa44 for host keys), the connection fails with a key exchange negotiation error. The server responds with a list of supported algorithms that do not include the specified post-quantum methods.

Command Executed:
sudo /home/pqc/openssh/openssh/ssh -F /home/pqc/openssh/openssh/regress/ssh_config
-o KexAlgorithms="classic-mceliece-348864-sha256"
-o HostKeyAlgorithms=ssh-mldsa44
-o PubkeyAcceptedKeyTypes=ssh-mldsa44
-o PasswordAuthentication=no
-i regress/ssh-mldsa44
somehost true
Error Message:
Unable to negotiate with 127.0.0.1 port 4242: no matching key exchange method found.
Their offer: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,
ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,
diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,kex-strict-s-v00@openssh.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ShiinYu